<jpk68:matrix.org> news.ycombinator.com/item?id=48214215

<user2570:unredacted.org> @jpk68:matrix.org: One more reason to migrate from Github/Microsoft to Codeberg or Radicle or ...

<user2570:unredacted.org> When migration? 🤔

<syntheticbird> @user2570:unredacted.org: did you read the article ?

<user2570:unredacted.org> @syntheticbird: Not really

<syntheticbird> @user2570:unredacted.org: they are saying that they are neutral and basically bootlick the gov to not include github in the app store category because that would hurt open source participation

<syntheticbird> and says they have participated in discussion of age related laws before for the purpose of keeping it as open as possible

<user2570:unredacted.org> oh my bad. thanks for the summary.

<syntheticbird> np

<longtermwhale:matrix.org> > <@jpk68:matrix.org> Do you really think that Anthropic, an AI corporation in kahoots with the DOD, is going to give Monero access to Mythos out of pure benevolence or something?

<longtermwhale:matrix.org> some CCS are directed for audits from some security consultancy firms that should likely sooner than later get access to such models. i would call it unlikely that they even bother giving our such model access to private entities (which, any xmr dev is), unless they are some kind of 3 million followers on twitter guy.

<longtermwhale:matrix.org> so via proxy, audits could be done on certain parts on the codebase, at less and less costs. however, my perspective for 2026 is that NONE of the devs or people funding/donating take defense seriously enough.

<longtermwhale:matrix.org> attackers do. hence all the bugs and hacks lately.

<syntheticbird> @ofrnxmr:xmr.mx I saw your comment on meta and will do the edit soon

<jpk68:matrix.org> @user2570:unredacted.org: Codeberg is not any better, you're kind of missing the point (no offense). My point is that anything not self-hosted is less than ideal

<jpk68:matrix.org> Codeberg is, in my opinion, equally as likely to ban you for having the wrong opinions (probably not through a flawed anti-spam system, though...)

<ofrnxmr:xmr.mx> GH banned you for opinions?

<ofrnxmr:xmr.mx> Also, monero will ban you as well 🧠

<hbs:matrix.org> GH is so agressive with the use of copilot that any sane person would leave it shortly

It was good until it was terrible

<ofrnxmr:xmr.mx> GH is being enshittified due to their trash development of github itself

<ofrnxmr:xmr.mx> Id assume as a direct result of copilot being total trash

ofrnxmr quite self explanatory: damrnelson.github.io/github-historical-uptime/?utm_source=chatgpt.com

<ofrnxmr:xmr.mx> Seems to me that its almost entirely vibe coded these days. They cant even push out an app update without totall breaking something that worked prior

ofrnxmr have you tried GitHub spark?

<ofrnxmr:xmr.mx> ro1m: I dont see a downtrend

I have tried, couldn't even get it to work though. They advertised it as this great thing.

<ofrnxmr:xmr.mx> ro1m: No, dont even know what that is

ofrnxmr I don't find GitHub that bad just as a product itself, it stores my code, I can use git with it. I'm happy.

<ofrnxmr:xmr.mx> I find their ability to constantly break stuff by vibecoding the product to be a pita

Ignore everything else GitHub does

<ofrnxmr:xmr.mx> Otherwise, i dont really care. I store repos locally. I dont even bother to mirror to ie codeberg

<jpk68:matrix.org> They didn't, no, and I didn't say they did > <@ofrnxmr:xmr.mx> GH banned you for opinions?

I like it becaus the peace of mind, redundancy. Being on the cloud as well as a local copy

because*

<jpk68:matrix.org> For what, exactly? > <@ofrnxmr:xmr.mx> Also, monero will ban you as well 🧠

<tempetassum:matrix.org> That’s just Microsoft since 2000 > <@ofrnxmr:xmr.mx> Seems to me that its almost entirely vibe coded these days. They cant even push out an app update without totall breaking something that worked prior

<ofrnxmr> @tempetassum:matrix.org: They usually kill products

They try to bring AI into it.

I'm not sure how good Azure is though. I've only used Google Cloud and AWS.

<syntheticbird> @ofrnxmr:xmr.mx: Just a question of time before codeberg dies under its own weight. Forgejo was never conceived to take Github-tier loads. They are struggling and will continue to struggle even more

<jpk68:matrix.org> FWIW I'm not using Codeberg for any reason other than the fact that it's free and convenient

<kayabanerve:matrix.org> what about the reason it's good

<kayabanerve:matrix.org> @syntheticbird:monero.social: PRs welcome

<kayabanerve:matrix.org> /s but only half /s, but I am really hopeful for federated Git hosts

<kayabanerve:matrix.org> Like, Git itself is decentralized, but it doesn't include issue tracking unless you use markdown files in a folder D:

<kayabanerve:matrix.org> Key reason for Git alternatives IMO

<jbabb:cypherstack.com> alexselimov.com/posts/forge_fragmentation

<jbabb:cypherstack.com> github.com/aselimov/-hugo-unified-git-activity

<jbabb:cypherstack.com> might be interesting to forge users. main usability complaint for me is not being able to see unified activity across multiple hosts (github, gitlab, codeberg, forgejo, etc), which the above links address

<kayabanerve:matrix.org> Some replication a la mastodon for issues, PRs, and home servers for users would solve a lot

the new dawnswap is havenoflow

wrong room, just garbage haveno forks^

<syntheticbird> @kayabanerve:matrix.org don't be mistaken, I do not wish codeberg death and I'm also very excited about federated git (with activitypub) because I think that is the only viable path forward to compet with github. And yes the rest of what you said about git

<kayabanerve:matrix.org> Or a git alternative with built-in issue management but ehhh, I don't want migrate off git tbh

<syntheticbird> Its just that Forgejo right now inherited from a codebase that shows only basic practices in web security as shown by the recent carrot disclosure and the problem in general is much broader than a few PR. Codeberg have so many patches right now on top Forgejo

<kayabanerve:matrix.org> I didn't think you did, no worries :)

<kayabanerve:matrix.org> Though I'll note Mastodon posts aren't authenticated AFAIK and I'd want to require issue comments be. I'm fine with homeserver auth, were your homeserver can forge your comments though, which may the current proposals?

<kayabanerve:matrix.org> Can we not treat that absurdity like it's legitimate?

<kayabanerve:matrix.org> But agree Forgejo needs hardening for prod

<kayabanerve:matrix.org> 'Video games don't need memory safety'

<kayabanerve:matrix.org> *joining a lobby* -> RCE

<syntheticbird> lmao

<kayabanerve:matrix.org> Basically, all software needs hardening for everything and that's life :/ there isn't really a case where you can say 'it's fine, I don't need these logic/auth/memory checks'

hilarious

<kayabanerve:matrix.org> Unless its TempleOS which isn't networked at all, as God commanded your computer was for you personally

<kayabanerve:matrix.org> then you're fine

<kayabanerve:matrix.org> But yeah, even originally hobby web projects, video games, need full safety because else we get here

because all this sudden you have people running arbitrary commands on another persons computer via chat.

<kayabanerve:matrix.org> omgosh irc is just a bunch of text messages with a very thin command language on top

<kayabanerve:matrix.org> irc CLI command injection wen /s

<kayabanerve:matrix.org> I wouldn't be surprised if there's a bash IRC client which had command injection lol

I was just thinking that yesterday, someone finds a zero-day in IRC where they can send a certain payload in the chat to execute shell commands on all the matrix servers that are listening.

<syntheticbird> @kayabanerve:matrix.org: BEHOLD

<syntheticbird> github.com/codyd51/uefirc

<syntheticbird> THE UEFI IRC CLIENT

<kayabanerve:matrix.org> I'm aware of that lol

<kayabanerve:matrix.org> but that means there's no privilege separation and no privilege escalation :p

<kayabanerve:matrix.org> it's fun af but not inherently as good of a CTF idea

<kayabanerve:matrix.org> Unless it's escape the IRC client to flash your own bios remotely lol

<syntheticbird> @kayabanerve:matrix.org: you can't update with boot time services

<syntheticbird> in theory

<kayabanerve:matrix.org> AFAIK, there's no POSIX way to do a socket without a C compiler or approximate, as it's in libc, but sh can't call libc directly, and netcat isn't standardized.

<kayabanerve:matrix.org> bash is interesting here as it does have a socket extension and does allow TCP and UDP iirc.

<kayabanerve:matrix.org> So you can't do a POSIX sh IRC but you could do a bash IRC

<kayabanerve:matrix.org> The shame is, I actually love POSIX sh and whenever I write a shell script, I aggressively check it lol.

<kayabanerve:matrix.org> Like, it's a horrible language full of footguns, but I love the golf of it and portability.

How many times do you shoot yourself in the foot a day?

<kayabanerve:matrix.org> shout out to no hex tool is standardized, except for octal dump which does support hex via a flag. 2026 is the year of the ~~Linux desktop~~ octal, I'm telling y'all, it's making a come back.

<kayabanerve:matrix.org> Considering I only write POSIX sh once a month or two? Average once a day, but that'd because of the outliers where I shoot myself 30 times in the one day I work on POSIX sh 😅

That must hurt.

<kayabanerve:matrix.org> github.com/serai-dex/serai/blob/nex…tion/increase_default_stack_size.sh

<kayabanerve:matrix.org> Also, tail supports offsets but head doesn't? It's all so silly

<jpk68:matrix.org> @syntheticbird: Insane

<jpk68:matrix.org> Now do one with the JavaScript UEFI bindings, lmao

<hbs:matrix.org> @kayabanerve:matrix.org: can't you use tail to replicate head's behavior?

<kayabanerve:matrix.org> @hbs:matrix.org: if you know the length of the content, presumably. That doesn't change it's an extra step and silly

<321bob321> It was forked by a dev who go the shits with gitea > <@syntheticbird> Just a question of time before codeberg dies under its own weight. Forgejo was never conceived to take Github-tier loads. They are struggling and will continue to struggle even more